Post-Hoc Separation Policy Analysis with Graph Algorithms

ABSTRACT:

We present graph algorithms for analyzing potential information flow in
systems, modeled as labeled directed graphs, particularly focusing on
discovering and analyzing separation policies that require minimal changes to
an existing system. We have implemented the algorithms in an open-source
publicly-available tool.

SOURCE CODE: Graph Abstractor Toolkit (GAT) gat.tgzThe tool is released under a BSD3
license and is released as a collection of Haskell source files. You will
need to compile it using GHC.
At the command line, execute